systemd Message Catalog

Summary

For a longer time systemd already included the systemd-nspawn tool as a more powerful version of chroot(1), primarily inteded for use in development, debugging, testing and building of software. With Fedora 19 we want to make nspawn considerably more useful, so that it can easily be used to start containers capable of booting up a complete Fedora distribution inside as normal system services.

systemd-nspawn shall work fine when invoked as a systemd system service

The system journal of the container shall be available in the host without fiddling

The nspawn container shall be socket-activatable, so that it can be auto-spawning on SSH connections.

Benefit to Fedora

We can more easily test Fedora 19 inside containers in order to ensure it continues to work fine out-of-the-box. This hopefully has the effect that Fedora is and stays bootable in container environments without changes, in the future.

We have a simple to use tool that just works, for development, debugging, testing and building of software.

Scope

Primarily only needs changes in systemd upstream.

How To Test

Preparation: Turn off auditing as it is incompatible with containers. Boot your host with audit=0 on the kernel command line.

User Experience

It's a tool for developers, hackers, system builders, engineers. Normal users should never see or bother with this.

Dependencies

Nothing really.

Except maybe that ideally the kernel audit layer would gain sane support for containers to it doesn't have to be turned off explicitly in the kernel via audit=0. Of course, as this is primarily a tool for developers/hackers/gurus adding the kernel command line option isn't too hard. Getting the kernel fixed is hence not a requirement.

Red Hat, Red Hat Enterprise Linux, the Shadowman logo, and JBoss are trademarks or registered trademarks of
Red Hat, Inc. or its subsidiaries in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.
The Fedora Project is maintained and driven by the community and sponsored by Red Hat. This is a community
maintained site. Red Hat is not responsible for content.